Networking-Forums.com

I currently have a need to create a way to automate pulling configs from a list of switches and generating individual text files of the config with the name of the switch as the name of the file. Keep in mind I am quite the scripting noob so was hoping for some pointers and maybe some reading suggestions to accomplish this.

Here are my thoughts:
1.) Make text/excel file with a list of switch ip addresses.
2.) Make a python (or whatever is best) script to read the ip addresses from the list.
2a.) The script would connect to each switch via telnet (I know, I know).
2b.) The script would then basically do a "show run" to a text file with the name of the switch and put it in a folder I designate.

I am sure this is light years behind what most of you are already doing, but I already do something very similar in a powershell script to pull stuff from AD so this shouldn't be that much of a stretch.

https://github.com/wintermute000/corebackup?files=1

The ansible way

Quote from: wintermute000 on October 05, 2017, 03:18:30 PM
https://github.com/wintermute000/corebackup?files=1

But yeah you could also do it manually in Python.

Thanks for the link but I have no idea what I am looking at lol. Keep in mind I have 0 training in scripting/programming. I actually found (via Google) some already made powershell scripts that do exactly what I am wanting and I am much more familiar with it than actual programming languages. The only problem is all the ones I found are SSH only and this specific location I am dealing with only has telnet remote access on their switches. :(

I could shoot you some Python, but then according to you , you wouldn't know what you are looking at sooooo....

There's no short cuts to automation. Remember how you had to grind out your CCNA? Now do it again with Python or whatever. Your idea is straightforwards conceptually so just go ahead and have a crack at it.

Quote from: wintermute000 on October 05, 2017, 04:02:07 PM
I could shoot you some Python, but then according to you , you wouldn't know what you are looking at sooooo....

There's no short cuts to automation. Remember how you had to grind out your CCNA? Now do it again with Python or whatever. Your idea is straightforwards conceptually so just go ahead and have a crack at it.

As usual, Wintermute speaks the 100% truth. Python is before all of us. We can waste energy running from it, or we can learn to dance with it.

As an introduction, I'd recommend getting a Linux box running, get that Python package installed on it, and then read over some Python scripts. Just read them and see what jumps up and makes sense without any foreknowledge.

Then, when you start reading about how to do Python stuff, things you saw in those first scripts will pop back in your head and you'll go back and read them with new understanding.

By the way, if you've ever hacked a file to mod a game, you've done scripting/programming. I've never programmed a server-side application, but there are more than a few events in my homebrew mod for Victoria II that work just fine. I've brought them through code upgrades that broke the hell out of them and I've refined them to stop producing ridiculous results.

Side note: if you read Wintermute's posts with the voice of Rick Sanchez, they make even more sense than without that voice. :awesome:

Just remember, if you don't research with Google and Stackoverflow, you'll be all like

:morty:

BUT

If you use those resources and aren't afraid to get your hands dirty and make mistakes, soon you'll be all like

:meeseeks:

with only short bursts of the first GIF in this post... :P

Quote from: Nerm on October 05, 2017, 03:36:44 PM
... and this specific location I am dealing with only has telnet remote access on their switches. :(

:umad: :wha?: :kiwf: :ivan:


Check out Codeacademy.com, they have a fairly simple FREE introductory course for Python.  I was taking it, but lost all my free time when I changed jobs, I got to get myself back to it .

I already have that written

https://github.com/GoreNetwork/Pull-running-configs

you'll need python and use pip to install netmiko

If you want telnet you'll have to change the device type in line 42, I think the device type will be
device_type='cisco_ios_telnet'

I think I already have an account on codeacademy.com but just never used it. Looks like it is time to go down that path. I am at a point where I have no interest in coding and never have, however I also see the value in the automation it can bring.

Enabling the Configuration Archive feature would be much simpler.

https://learningnetwork.cisco.com/blogs/vip-perspectives/2013/10/30/understanding-cisco-auto-archive-feature-to-backup-configuration-file

Or, if you insist on scripting, write a script to enable the Configuration Archive feature.

:haha1:

Quote from: SimonV on October 06, 2017, 01:34:28 PM
Enabling the Configuration Archive feature would be much simpler.

https://learningnetwork.cisco.com/blogs/vip-perspectives/2013/10/30/understanding-cisco-auto-archive-feature-to-backup-configuration-file

Or, if you insist on scripting, write a script to enable the Configuration Archive feature.

:haha1:

be wary carefully,  you know what happened on a 6500 SUP720 when I once tried to configure config archive to an empty card slot.....

:problem?:  <inset new explosion icon here>

Quote from: ristau5741 on October 06, 2017, 01:45:55 PM
be wary carefully,  you know what happened on a 6500 SUP720 when I once tried to configure config archive to an empty card slot.....

:problem?:  <inset new explosion icon here>

I think this one fits the story:

:explosion2:

I recommend Kirk Byers Python for network engineer 10 week program. Worked for me

Ok.....so.....I dove in heads first over the weekend and was unable to come up with a script that works for my specific situation. I was however able to create a script that would pull from a list of IP's from a file and go out and modify the config of the switch so that dlots script would then work. btw, lots of thanks to dlots and wintermute because looking at their code of scripts they linked to was hugely helpful. In fact dlots code for reading IP's from a file is the essential part of my script.


import telnetlib

pw = "telnet_pw"
enpw = "enable_pw"
command = "conf t"
command2 = "username user privilege 15 secret password"
command3 = "line vty 0 4"
command4 = "login local"
command5 = "end"
command6 = "wr mem"

def get_ip (input):
return(re.findall(r'(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)', input))


def get_ips (file_name):
for line in open(file_name, 'r').readlines():
line = get_ip(line)
for ip in line:
ips.append(ip)
ips = []
get_ips("IPs.txt")

for ip in ips:
    tn = telnetlib.Telnet(ip, timeout = 10)
    tn.read_until(("Password:").encode('ascii'))
    tn.write((pw + "\r\n").encode('ascii'))
    tn.read_until((">").encode('ascii'))
    tn.write(("en" + "\r\n").encode('ascii'))
    tn.read_until(("Password:").encode('ascii'))
    tn.write((enpw + "\r\n").encode('ascii'))
    tn.read_until(("#").encode('ascii'))
    tn.write((command + "\r\n").encode('ascii'))
    tn.write((command2 + "\r\n").encode('ascii'))
    tn.write((command3 + "\r\n").encode('ascii'))
    tn.write((command4 + "\r\n").encode('ascii'))
    tn.write((command5 + "\r\n").encode('ascii'))
    tn.write((command6 + "\r\n").encode('ascii'))
    tn.write(("exit" + "\r\n").encode('ascii'))
    output = tn.read_all()
    print(output)


EDIT: I realize that to those of you with scripting experience probably think this is horrible, but it worked and accomplished a task I needed to automate and push out to 40+ switches at once.

Yay!
I am glad it's working for you :-D

You have it done now, but is there any reason not to use RANCID, or Oxidized? Then you get the benefit of configuration history as well.

-Otanx

Sorry for taking so long to reply. I have been swamped of late and am just now able to breathe a little.

Where I work you have to jump through massive amounts of red tape to get permission to install a Linux distro in the environment. So I was trying to avoid the red tape and accomplish this on an existing Windows box. Plus I had trouble finding an already written script or application that could do what I needed when generic telnet was the only remote access method.

Its sad that this kind of crap still exists in this day and age (been there seen it before....). So what runs the majority of web servers and vast majority of AWS workloads and forms the backend of every large hyperscaler or SaaS provider or Cloud provider out there is not good enough, but closed source been shafting you for 20 years of licensing MS is the only way forward. Alrighty then


I'll one up you: large quasi-government entity completely reliant upon linux (scientific etc.), but can't connect to mainstream internet repos so they run their own internal repos for everything.... takes them a week just to get apt-get install or yum install going. Otherwise you just get a minimal install  Because their linux guys are even worse at linux than level 1 MS support techs at MS. And you're the external network guy so you're not supposed to or allowed to touch any of that stuff.

Number one reason IT managers have a phear of Linux:

IT IS USED BY HACKERS. If you use Linux, you will become a hacker in that very instant. That is bad for security. DUH!

:yeahright:

On a more serious note, there are distros of Linux, Mint for example, that are very secure from an individual install perspective. This makes them difficult to manage on an enterprise level out of the box.

So the answer is to either get the tools that allow for enterprise management set up and configured OR seek out a distro that is geared for enterprise management... and which is also doing its due diligence with security.

Linux can and should be used by every network engineer to start messing around with scripting and other stuff - it is an incredibly powerful tool to have and does not lock one in to a proprietary solution. I should write a whitepaper on that... or at least a Peerlyst article...

There. I done it.

https://www.peerlyst.com/posts/it-network-managers-give-the-gift-of-linux-to-your-engineers-dean-webb

Feel free to get someone, maybe even yourself, to forward the link on to your manager. I even worked in the below image, to show managers how happy their directs will be when they get that Linux box:

:greatoffer:

 :applause:
:snail:

We wish you a happy Linux and a sudo New Year.

(there is a holiday song in there somewhere....)